fix: tags not properly being set in ostree remote (#6)

* fix: tags are now properly set in remote after install
* refactor: kinoite variant is better as a default except for silverblue
* refactor: use docker to build ISO

---------

Co-authored-by: Benjamin Sherman <benjamin@holyarmy.org>

.github/workflows/iso.yml

@@ -11,10 +11,7 @@ on:
 
   workflow_call:
     inputs:
-      IMAGE_VERSION:
-        required: true
-        type: string
-      IMAGE_ARCH:
+      ARCH:
         required: true
         type: string
       IMAGE_NAME:
@@ -23,90 +20,67 @@ on:
       IMAGE_REPO:
         required: true
         type: string
+      IMAGE_TAG:
+        required: true
+        type: string
       VARIANT:
         required: true
         type: string
+      VERSION:
+        required: true
+        type: string
+      WEB_UI:
+        required: true
+        type: string
       BUILD_REPO:
         required: false
         type: string
-        default: JasonN3/container-installer
+        default: ublue-os/isogenerator
       BUILD_REF:
         required: false
         type: string
         default: main
 
 env:
-  IMAGE_VERSION: ${{ inputs.IMAGE_VERSION || '39' }}
-  IMAGE_ARCH: ${{ inputs.IMAGE_ARCH || 'x86_64' }}
+  ARCH: ${{ inputs.ARCH || 'x86_64' }}
   IMAGE_NAME: ${{ inputs.IMAGE_NAME || 'base-main' }}
   IMAGE_REPO: ${{ inputs.IMAGE_REPO || 'ghcr.io/ublue-os' }}
-  VARIANT: ${{ inputs.VARIANT || 'Silverblue' }}
+  IMAGE_TAG: ${{ inputs.IMAGE_TAG || 'latest' }}
+  VARIANT: ${{ inputs.VARIANT || 'Kinoite' }}
+  VERSION: ${{ inputs.VERSION || '39' }}
+  WEB_UI: ${{ inputs.WEB_UI || 'false' }}
   CURR_REPO: ${{ inputs.BUILD_REPO || github.repository }}
   CURR_REF: ${{ inputs.BUILD_REF || github.ref }}
 
 jobs:
   build-and-push-iso:
     runs-on: ubuntu-latest
-    container:
-      image: fedora:39
-      options: "--privileged"
     permissions:
       contents: read
       packages: write
     steps:
-      - name: Install make and git
-        run: dnf install -y make git
-
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          repository: ${{ env.CURR_REPO }}
-          ref: ${{ env.CURR_REF }}
-          submodules: recursive
-
-      - name: Install dependencies
-        run: make install-deps
-
-      - name: Lowercase Registry
-        id: registry_case
-        uses: ASzc/change-string-case-action@v6
-        with:
-          string: ${{ env.IMAGE_REPO }}
-
-      - name: Download image
+      - name: Build ISO
+        shell: bash
         run: |
-          make container/${IMAGE_NAME}-${IMAGE_VERSION} \
-            arch=${IMAGE_ARCH} \
-            version=${IMAGE_VERSION} \
-            image_repo=${{ steps.registry_case.outputs.lowercase }} \
-            image_name=${IMAGE_NAME} \
-            variant=${VARIANT}
-
-      - name: Create boot.iso
-        run: |
-          make boot.iso \
-            arch=${IMAGE_ARCH} \
-            version=${IMAGE_VERSION} \
-            image_repo=${{ steps.registry_case.outputs.lowercase }} \
-            image_name=${IMAGE_NAME} \
-            variant=${VARIANT}
-
-      - name: Create deploy.iso
-        run: |
-          make ${IMAGE_NAME}-${IMAGE_VERSION}.iso \
-            arch=${IMAGE_ARCH} \
-            version=${IMAGE_VERSION} \
-            image_repo=${{ steps.registry_case.outputs.lowercase }} \
-            image_name=${IMAGE_NAME} \
-            variant=${VARIANT}
-          mkdir end_iso
-          mv output/${IMAGE_NAME}-${IMAGE_VERSION}.iso end_iso/
+          set -eo pipefail
+          mkdir -p output
+          docker run \
+                    --rm --privileged \
+                    -v ./output:/isogenerator/output \
+                    -e ARCH="${{ env.ARCH }}" \
+                    -e IMAGE_NAME="${{ env.IMAGE_NAME }}" \
+                    -e IMAGE_REPO="${{ env.IMAGE_REPO }}" \
+                    -e IMAGE_TAG="${{ env.IMAGE_TAG }}" \
+                    -e VARIANT="${{ env.VARIANT }}" \
+                    -e VERSION="${{ env.VERSION }}" \
+                    -e WEB_UI="${{ env.WEB_UI }}" \
+                    ghcr.io/ublue-os/isogenerator:latest
 
       - name: Upload ISO as artifact
         uses: actions/upload-artifact@v4
         with:
-          name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}.iso
-          path: end_iso/*.iso
+          name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}.iso
+          path: output/*.iso
           if-no-files-found: error
           retention-days: 0
           compression-level: 0

.github/workflows/isogenerator-image.yml

@@ -0,0 +1,84 @@
+---
+name: isogenerator-image
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - 'Dockerfile'
+  push:
+    branches:
+      - main
+    paths:
+      - 'Dockerfile'
+  workflow_dispatch:
+
+env:
+  IMAGE_NAME: isogenerator
+  IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}"
+
+jobs:
+  push-image:
+    name: Build and push image
+    runs-on: ubuntu-22.04
+
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      # Checkout push-to-registry action GitHub repository
+      - name: Checkout Push to Registry action
+        uses: actions/checkout@v3
+
+      # Build metadata
+      - name: Image Metadata
+        uses: docker/metadata-action@v4
+        id: meta
+        with:
+          images: |
+            ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
+
+          labels: |
+            io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md
+            org.opencontainers.image.description=A container image for generating Universal Blue ISO files
+            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            # set latest tag for default branch
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and Push Image
+        uses: docker/build-push-action@v4
+        with:
+          context: ./
+          file: ./Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: ${{ steps.meta.outputs.tags }}
+
+  check:
+    name: Check build successful
+    if: ${{ !cancelled() }}
+    runs-on: ubuntu-latest
+    needs: [push-image]
+    steps:
+      - name: Exit on failure
+        if: ${{ needs.push-image.result == 'failure' || needs.push-image.result == 'skipped' }}
+        shell: bash
+        run: exit 1
+      - name: Exit
+        shell: bash
+        run: exit 0

Dockerfile

@@ -1,11 +1,11 @@
 FROM fedora:latest
 
 ENV ARCH="x86_64"
-ENV VERSION="39"
-ENV IMAGE_REPO="ghcr.io/ublue-os"
 ENV IMAGE_NAME="base-main"
+ENV IMAGE_REPO="ghcr.io/ublue-os"
 ENV IMAGE_TAG="$(version)"
-ENV VARIANT="Silverblue"
+ENV VARIANT="Kinoite"
+ENV VERSION="39"
 ENV WEB_UI="false"
 
 WORKDIR /isogenerator

Makefile

@@ -20,7 +20,7 @@ ifeq ($(web_ui),true)
 lorax_args += -i anaconda-webui
 endif
 
-$(image_name)-$(version).iso: boot.iso container/$(image_name)-$(version) xorriso/input.txt 
+$(image_name)-$(version).iso: boot.iso container/$(image_name)-$(image_tag) xorriso/input.txt
 	xorriso -dialog on < $(base_dir)/xorriso/input.txt
 
 boot.iso: lorax_templates/set_installer.tmpl lorax_templates/configure_upgrades.tmpl
@@ -35,10 +35,10 @@ boot.iso: lorax_templates/set_installer.tmpl lorax_templates/configure_upgrades.
           $(base_dir)/results/
 	mv $(base_dir)/results/images/boot.iso $(base_dir)/
 
-container/$(image_name)-$(version):
+container/$(image_name)-$(image_tag):
 	mkdir container
 	podman pull $(image_repo)/$(image_name):$(image_tag)
-	podman save --format oci-dir -o $(base_dir)/container/$(image_name)-$(version) $(image_repo)/$(image_name):$(image_tag)
+	podman save --format oci-dir -o $(base_dir)/container/$(image_name)-$(image_tag) $(image_repo)/$(image_name):$(image_tag)
 	podman rmi $(image_repo)/$(image_name):$(image_tag)
 
 install-deps:
@@ -50,7 +50,7 @@ lorax_templates/%.tmpl: lorax_templates/%.tmpl.in
 	sed 's/@IMAGE_NAME@/$(image_name)/'                        $(base_dir)/lorax_templates/$*.tmpl.in > $(base_dir)/lorax_templates/$*.tmpl
 	sed 's/@IMAGE_REPO@/$(image_repo_escaped)/'                $(base_dir)/lorax_templates/$*.tmpl > $(base_dir)/lorax_templates/$*.tmpl.tmp
 	mv $(base_dir)/lorax_templates/$*.tmpl{.tmp,}
-	sed 's/@VERSION@/$(version)/'                              $(base_dir)/lorax_templates/$*.tmpl > $(base_dir)/lorax_templates/$*.tmpl.tmp
+	sed 's/@IMAGE_TAG@/$(image_tag)/'                          $(base_dir)/lorax_templates/$*.tmpl > $(base_dir)/lorax_templates/$*.tmpl.tmp
 	mv $(base_dir)/lorax_templates/$*.tmpl{.tmp,}
 	sed 's/@IMAGE_REPO_ESCAPED@/$(image_repo_double_escaped)/' $(base_dir)/lorax_templates/$*.tmpl > $(base_dir)/lorax_templates/$*.tmpl.tmp
 	mv $(base_dir)/lorax_templates/$*.tmpl{.tmp,}
@@ -61,7 +61,8 @@ xorriso/input.txt: xorriso/gen_input.sh
 	bash $(base_dir)/xorriso/gen_input.sh | tee $(base_dir)/xorriso/input.txt
 
 xorriso/%.sh: xorriso/%.sh.in
-	sed 's/@IMAGE_NAME@/$(image_name)/' $(base_dir)/xorriso/$*.sh.in > $(base_dir)/xorriso/$*.sh
+	sed 's/@IMAGE_NAME@/$(image_name)/' $(base_dir)/xorriso/$*.sh.in > $(base_dir)/xorriso/$*.sh.in2
+	sed 's/@IMAGE_TAG@/$(image_tag)/'   $(base_dir)/xorriso/$*.sh.in2 > $(base_dir)/xorriso/$*.sh
 	sed 's/@VERSION@/$(version)/'       $(base_dir)/xorriso/$*.sh > $(base_dir)/xorriso/$*.sh.tmp
 	mv $(base_dir)/xorriso/$*.sh{.tmp,}
 	sed 's/@ARCH@/$(arch)/'             $(base_dir)/xorriso/$*.sh > $(base_dir)/xorriso/$*.sh.tmp
@@ -79,6 +80,6 @@ clean:
 	rm -f $(base_dir)/{original,final}-pkgsizes.txt || true
 	rm -f $(base_dir)/lorax.conf || true
 	rm -f $(base_dir)/*.iso || true
-	rm -f $(base_dir)/*.log || true	
+	rm -f $(base_dir)/*.log || true
 	
 	

lorax_templates/configure_upgrades.tmpl.in

@@ -1,7 +1,7 @@
 append usr/share/anaconda/interactive-defaults.ks "%post --erroronfail"
-append usr/share/anaconda/interactive-defaults.ks "sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/@IMAGE_REPO_ESCAPED@\/@IMAGE_NAME@:@VERSION@/' /ostree/deploy/default/deploy/*.origin"
+append usr/share/anaconda/interactive-defaults.ks "sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/@IMAGE_REPO_ESCAPED@\/@IMAGE_NAME@:@IMAGE_TAG@/' /ostree/deploy/default/deploy/*.origin"
 append usr/share/anaconda/interactive-defaults.ks "%end"
 
 append usr/share/anaconda/post-scripts/configure_upgrades.ks "%post --erroronfail"
-append usr/share/anaconda/post-scripts/configure_upgrades.ks "sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/@IMAGE_REPO_ESCAPED@\/@IMAGE_NAME@:@VERSION@/' /ostree/deploy/default/deploy/*.origin"
+append usr/share/anaconda/post-scripts/configure_upgrades.ks "sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/@IMAGE_REPO_ESCAPED@\/@IMAGE_NAME@:@IMAGE_TAG@/' /ostree/deploy/default/deploy/*.origin"
 append usr/share/anaconda/post-scripts/configure_upgrades.ks "%end"

lorax_templates/set_installer.tmpl.in

@@ -1 +1 @@
-append usr/share/anaconda/interactive-defaults.ks "ostreecontainer --url=/run/install/repo/@IMAGE_NAME@-@VERSION@ --transport=oci --no-signature-verification"
+append usr/share/anaconda/interactive-defaults.ks "ostreecontainer --url=/run/install/repo/@IMAGE_NAME@-@IMAGE_TAG@ --transport=oci --no-signature-verification"

xorriso/gen_input.sh.in

@@ -7,9 +7,9 @@ echo "-volid @IMAGE_NAME@-@ARCH@-@VERSION@"
 echo "-joliet on"
 echo "-compliance joliet_long_names"
 cd container
-for file in $(find @IMAGE_NAME@-@VERSION@)
+for file in $(find @IMAGE_NAME@-@IMAGE_TAG@)
 do
     echo "-map $(pwd)/${file} ${file}"
     echo "-chmod 0444 ${file}"
 done
-echo "-end"
+echo "-end"